Hiding the Policy in Cryptographic Access Control

9 years 1 months ago
Hiding the Policy in Cryptographic Access Control
Abstract. Recently, cryptographic access control has received a lot of attention, mainly due to the availability of efficient Attribute-Based Encryption (ABE) schemes. ABE allows to get rid of a trusted reference monitor by enforcing access rules in a cryptographic way. However, ABE has a privacy problem: The access policies are sent in clear along with the ciphertexts. Further generalizing the idea of policy-hiding in cryptographic access control, we introduce policy anonymity where – similar to the well-understood concept of k-anonymity – the attacker can only see a large set of possible policies that might have been used to encrypt, but is not able to identify the one that was actually used. We show that using a concept from graph theory we can extend a known ABE construction to achieve the desired privacy property.
Sascha Müller, Stefan Katzenbeisser
Added 23 Dec 2011
Updated 23 Dec 2011
Type Journal
Year 2011
Where IACR
Authors Sascha Müller, Stefan Katzenbeisser
Comments (0)